Share via

Cosmos DB Trigger Azure Function getting triggered without having any inbound access

Debashis Jena 76 Reputation points
2023-04-14T06:58:18.0866667+00:00

We have created a Cosmos DB trigger azure function. In inbound traffic we have blocked public access and not configured any private endpoint. In outbound traffic we have configured same VNET as cosmos DB. Though we are not giving private access in inbound traffic of Azure function, it is getting triggered by Cosmos DB record updation.
How Function is getting triggered even though we have complete restriction in inbound traffic?

Azure Functions
Azure Functions

An Azure service that provides an event-driven serverless compute platform.

Azure Cosmos DB
Azure Cosmos DB

An Azure NoSQL database service for app development.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Oury Ba-MSFT 21,156 Reputation points Microsoft Employee Moderator
    2023-04-17T09:14:26.8233333+00:00

    Debashis Jena Thank you for reaching out. From the description above looks like your Azure Function is getting triggered even though we have complete restriction in inbound traffic. Even if you have blocked public access and not configured any private endpoint for inbound traffic, the Azure Function can still be triggered by Cosmos DB record updating because the outbound traffic from Cosmos DB is configured to use the same VNET as the Azure Function. This means that the outbound traffic from Cosmos DB is allowed to reach the Azure Function, even though the inbound traffic to the Azure Function is restricted. Read more. Configure access to Azure Cosmos DB from virtual networks (VNet) Azure Functions networking options Please do comment below if you need additional clarifications. Regards, Oury

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.